• Your favorite








    , and
  • Documents Highlight the GCHQ and NSA Launching Attacks against Anti-Virus Firms

    The US National Security Agency and the Government Communications Headquarters, which is the British equivalent, have reportedly been launching attacks against security software in an effort to track individuals and break into networks according to a recent report. One of the main targets appears to be Russia’s Kaspersky Lab based off documents leaked by ex-NSA contractor, Edward Snowden.

    The agencies have reportedly been reverse-engineering Kaspersky software to look for potential exploits. The NSA in particular has allegedly taken things one step further by going as far as intercepting data sent from Kaspersky apps to the company’s servers. Much of this app data is reportedly unencrypted, although Kaspersky claims that the company was unable to reproduce similar findings in testing.

    One of the specific events that highlighted evidence for reverse engineering was a GCHQ warrant renewal request from 2008 where the company asked for the legal sanction to deconstruct apps from Kaspersky and others because they “posed a challenge to GCHQ’s CNE (Computer Network Exploitation) capability and SRE (Software Reverse Engineering) is essential in order to be able to exploit such software and to prevent detection of our activities.” The agency even was as far as indicating that SRE was being used to judge the “suitability of anti-virus” programs for use by separate government organizations.

    This tracking program from the NSA reportedly involves monitoring HTTP requests that contain unique identifiers showing that a customer has Kaspersky software. This in turn allows the NSA to track someone and judge whether their computer is vulnerable to an attack. Kaspersky made a recent statement though insisting transmitted data is depersonalized and that it uses encryption. Another method used by the NSA involves scanning the email traffic of foreign anti-virus companies in order to pick up hints of new exploits and malware. If there is malware, the agency has a group that can repurpose it to launch an attack against a desired target.

    A previous presentation on the monitoring program mentioned that there are 23 foreign anti-virus firms apart from Kaspersky such as Avast, F-Secure and Check Point. That being said, major American and British companies seem to be excluded such as McAfee, Symantec and Sophos.

    We’ll have to see how the public reacts and more importantly how tech companies will react to this news.

    Source: The Intercept via AppleInsider
    This article was originally published in forum thread: Documents Highlight the GCHQ and NSA Launching Attacks against Anti-Virus Firms started by Akshay Masand View original post
    Comments 1 Comment
    1. StuG III's Avatar
      StuG III -
      Pretty shameless work paid for by citizens.